From f5d153daf0c96c6fdcfae7b68b01689f4a5a51f3 Mon Sep 17 00:00:00 2001 From: Peter Kolbus Date: Tue, 11 Dec 2018 14:01:44 -0600 Subject: [PATCH 1/3] Fix DEADCODE in mbedtls_mpi_exp_mod() In mbedtls_mpi_exp_mod(), the limit check on wsize is never true when MBEDTLS_MPI_WINDOW_SIZE is at least 6. Wrap in a preprocessor guard to remove the dead code and resolve a Coverity finding from the DEADCODE checker. Change-Id: Ice7739031a9e8249283a04de11150565b613ae89 --- library/bignum.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/library/bignum.c b/library/bignum.c index ba817bebf..f6e50b986 100644 --- a/library/bignum.c +++ b/library/bignum.c @@ -1679,8 +1679,10 @@ int mbedtls_mpi_exp_mod( mbedtls_mpi *X, const mbedtls_mpi *A, const mbedtls_mpi wsize = ( i > 671 ) ? 6 : ( i > 239 ) ? 5 : ( i > 79 ) ? 4 : ( i > 23 ) ? 3 : 1; +#if( MBEDTLS_MPI_WINDOW_SIZE < 6 ) if( wsize > MBEDTLS_MPI_WINDOW_SIZE ) wsize = MBEDTLS_MPI_WINDOW_SIZE; +#endif j = N->n + 1; MBEDTLS_MPI_CHK( mbedtls_mpi_grow( X, j ) ); From 16015ddd596bebca11b7d8c7454cb3bee851d5bb Mon Sep 17 00:00:00 2001 From: Peter Kolbus Date: Thu, 27 Dec 2018 06:59:04 -0600 Subject: [PATCH 2/3] all.sh: Test MBEDTLS_MPI_WINDOW_SIZE=1 There were no tests for a non-default MPI window size. Add one. Change-Id: Ic08fbc9161d0b3ee67eb3c91f9baf602646c9dfe --- tests/scripts/all.sh | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 070e623e6..f13f9c896 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -870,6 +870,16 @@ support_test_mx32 () { esac } +component_test_min_mpi_window_size () { + msg "build: Default + MBEDTLS_MPI_WINDOW_SIZE=1 (ASan build)" # ~ 10s + scripts/config.pl set MBEDTLS_MPI_WINDOW_SIZE 1 + CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan . + make + + msg "test: MBEDTLS_MPI_WINDOW_SIZE=1 - main suites (inc. selftests) (ASan build)" # ~ 10s + make test +} + component_test_have_int32 () { msg "build: gcc, force 32-bit bignum limbs" scripts/config.pl unset MBEDTLS_HAVE_ASM From 0fd30212044947f4fa55a8e547e3577e81f4590f Mon Sep 17 00:00:00 2001 From: k-stachowiak Date: Fri, 8 Feb 2019 17:21:30 +0100 Subject: [PATCH 3/3] Update change log --- ChangeLog | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/ChangeLog b/ChangeLog index 07cc87692..027e9ce25 100644 --- a/ChangeLog +++ b/ChangeLog @@ -21,6 +21,10 @@ Changes produced by some optimizing compilers, showing up as failures in e.g. RSA or ECC signature operations. Reported in #1722, fix suggested by Aurelien Jarno and submitted by Jeffrey Martin. + * Remove dead code from bignum.c in the default configuration. + Found by Coverity, reported and fixed by Peter Kolbus (Garmin). Fixes #2309. + * Add test for minimal value of MBEDTLS_MPI_WINDOW_SIZE to all.sh. + Contributed by Peter Kolbus (Garmin). = mbed TLS 2.7.9 branch released 2018-12-21